Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-25197

The statement set password=password('') executed in PS mode fails in case it is run by a user with expired password

Details

    Description

      A user with an expired password connected to a server can't assign new password with the statement "SET password=..." if the statement is run in PS mode, for example when it is submitted to server via binary protocol.

      Test case is below.

      CREATE USER user1@localhost PASSWORD EXPIRE
      		 
      SET GLOBAL disconnect_on_expired_password=OFF;
      		 
      connect(con1,localhost,user1);
      		 
      connection con1;
      		 
      --error ER_MUST_CHANGE_PASSWORD
      		 
      select 1;
      		 
       
      		 
      -- The following statement fails with the error ER_MUST_CHANGE_PASSWORD.
      		 
      PREPARE stmt FROM "SET password=password('')";

      In case the statement

      SET password=password('');

      is run as a regular statement it is executed successfully.

      Attachments

        Issue Links

          blocks

          Task - A task that needs to be done. MDEV-16708 Unsupported commands for prepared statements

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. MDEV-25413 should_send_column_info(): Assertion `cmd == COM_STMT_EXECUTE || cmd == COM_STMT_PREPARE' failed

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed

          Activity

            Ascending order - Click to sort in descending order
            shulga Dmitry Shulga created issue -
            shulga Dmitry Shulga made changes -
            Field Original Value New Value
            shulga Dmitry Shulga made changes -
            Description A user with an expired password connected to a server can't assign new password with the statement "SET password=..." if the statement is run in PS mode, for example when it is submitted to server via binary protocol.

            Test case is below.
            {code:sql}
            CREATE USER user1@localhost PASSWORD EXPIRE
            SET GLOBAL disconnect_on_expired_password=OFF;
            connect(con1,localhost,user1);
            connection con1;
            --error ER_MUST_CHANGE_PASSWORD
            select 1;

            -- The following statement fails with the error ER_MUST_CHANGE_PASSWORD.
            PREPARE stmt FROM "SET password=password('')";
            {code}

            In case the statement "SET password=password('');" is run as a regular statement it is executed successfully.
            		A user with an expired password connected to a server can't assign new password with the statement "SET password=..." if the statement is run in PS mode, for example when it is submitted to server via binary protocol.

            Test case is below.
            {code:sql}
            CREATE USER user1@localhost PASSWORD EXPIRE
            SET GLOBAL disconnect_on_expired_password=OFF;
            connect(con1,localhost,user1);
            connection con1;
            --error ER_MUST_CHANGE_PASSWORD
            select 1;

            -- The following statement fails with the error ER_MUST_CHANGE_PASSWORD.
            PREPARE stmt FROM "SET password=password('')";
            {code}

            In case the statement
            {code:sql}
            SET password=password('');
            {code}
            is run as a regular statement it is executed successfully.
            shulga Dmitry Shulga made changes -
            Fix Version/s 10.4 [ 22408 ]
            Fix Version/s 10.5 [ 23123 ]
            Fix Version/s 10.6 [ 24028 ]
            shulga Dmitry Shulga made changes -
            Status Open [ 1 ] In Progress [ 3 ]
            shulga Dmitry Shulga made changes -
            Assignee Dmitry Shulga [ JIRAUSER47315 ] Oleksandr Byelkin [ sanja ]
            Status In Progress [ 3 ] In Review [ 10002 ]
            sanja Oleksandr Byelkin made changes -
            Assignee Oleksandr Byelkin [ sanja ] Dmitry Shulga [ JIRAUSER47315 ]
            Status In Review [ 10002 ] Stalled [ 10000 ]
            shulga Dmitry Shulga made changes -
            Fix Version/s 10.4.19 [ 25205 ]
            Fix Version/s 10.5.10 [ 25204 ]
            Fix Version/s 10.6.0 [ 24431 ]
            Fix Version/s 10.4 [ 22408 ]
            Fix Version/s 10.5 [ 23123 ]
            Fix Version/s 10.6 [ 24028 ]
            Resolution Fixed [ 1 ]
            Status Stalled [ 10000 ] Closed [ 6 ]
            marko Marko Mäkelä made changes -
            serg Sergei Golubchik made changes -
            Workflow MariaDB v3 [ 120280 ] MariaDB v4 [ 159055 ]

            People

              shulga Dmitry Shulga
              shulga Dmitry Shulga
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.